Edge PAAS Endpoints

DevOps and Current CDN Providers

A review of some of the CDNs available in the market today and commentary on their readiness for DevOps centric entineering teams.

Overview of Ten CDNs

Akamai

Akamai is one of the world’s leading distributed computing platforms and generally considered to be the world’s largest CDN, serving between 15-30% of all web traffic. Its global network numbers over 240,000 servers in more than 130 countries. In addition to its CDN, media and software delivery services, Akamai has worked on building up a cybersecurity feature set. Its customers include FOX Sports, Honda Motor Co, NASDAQ OMX Group and Thomson Reuters. It was founded in 1998 by Daniel Lewin, a graduate MIT student and Tom Leighton, an MIT applied math professor and is still headquartered in Cambridge, Mass. Akamai is currently undergoing management changes with Elliott Management acquiring a 6.5% stake in the company last year.

Amazon CloudFront

Amazon CloudFront is the CDN side of Amazon Web Services (AWS) and offers a set of features (including website acceleration, video streaming, content download and static or dynamic content caching), along with multiple customizable options. CloudFront operates on a pay-as-you-go basis. CloudFront has servers in Europe, Asia, Australia, South America and several major cities in the U.S. It also operates 107 edge locations across five continents, giving CloudFront the capacity to offer web videos and other high bandwidth content locally to its consumers at an improved latency.

Cloudflare

Cloudflare was founded by Lee Holloway, Michelle Zatlyn and CEO Matthew Prince in 2009. Having started by launching a free plan for very small websites, it is now the most popular content delivery network provider globally, based on unique visitors received (6,300,000). Its DNS users number over 6 million. Nearly 10% of all requests for web pages go through Cloudflare’s global network of servers. In addition to CDN and web optimization services, Cloudflare offers DNS services and security offerings, including DDoS mitigation. Cloudflare’s headquarters are in San Francisco with four additional U.S. offices and two international ones (Singapore & London). Cloudflare has attracted media attention around its position on freedom of speech and its hosting of controversial websites.

Fastly

Fastly is a fairly recent entrant into the CDN landscape. Its “edge cloud platform” offers CDN services, security offerings, video and streaming, in addition to load balancing services. They built differentiation in the market through highlighting the ability to clear cache quickly and leverage the programmability of Varnish Cache (version 2.1). Over 3 billion people globally are served content via Fastly each month. Its HQ are in San Francisco, California with five additional offices (three in the U.S. and two in London and Tokyo). Fastly’s CDN customers include Reddit and Spotify.

Imperva Incapsula

Incapsula was founded in 2009 and originally operated under the cybersecurity company Imperva; security remains one of its key offerings with the company defining itself as “a security CDN”. That same year, Incapsula was spun out into its own company then brought back into the Imperva fold in 2014 where it remains as a product line within the parent company. Imperva Incapsula is a cloud-based application delivery platform that uses a worldwide CDN to offer application delivery, content caching, load balancing and failover services, in addition to web application security and DDoS mitigation. Its HQ are in Redwood City, CA.

Level 3 (Now CenturyLink)

The multinational CDN, telecom and ISP company Level 3 was acquired by CenturyLink in 2017 with its CEO Jeff Storey becoming CEO of CenturyLink. CenturyLink has kept the name Level 3 and continues to offer content delivery, core transport, IP, voice and video services for medium-to-large Internet carriers across the U.S., Latin America, Europe and in certain cities in Asia. Level 3 is a significant player as a music and video content provider, delivering Netflix and Apple’s services.

Limelight Networks

Limelight Networks is a Tempe, Arizona based company that offers global CDN services, particularly focused on helping companies securely deliver digital content, including live and on-demand videos, online gaming and operating system updates. Its network has over 80 PoP and delivers between 40-80 petabytes of data on a daily basis. The company distinguishes itself as a CDN by virtue of having its own private network. Limelight’s private network includes the lease of dark fibre and operation of DWDM hardware. The company recently announced a partnership with Chinese CDN Tencent Cloud, giving the two companies’ reciprocal rights to offer their services to each others’ customer bases, opening up a route into China for Limelight.

Microsoft Azure CDN

Microsoft Azure CDN is a customizable CDN for users looking for integration with Microsoft Azure’s larger stack of cloud tools for building, testing, deploying and managing applications and services through Microsoft’s global network of data centers. Initially, Azure didn’t offer use of Microsoft’s own servers; however, in May 2018, Microsoft launched itself as a provider within Azure CDN, enabling Azure customers to use and deliver content from Microsoft’s own global CDN network. Various new offerings were launched simultaneously, including new regional caching capabilities and use-your-own-SSL certificates.

StackPath

StackPath launched a couple of years ago billing itself as a Security-as-a-Service (Saas) firm, offering a range of edge services on a platform built for cloud scale. StackPath’s CDN offerings are built on those of companies it acquired - MaxCDN and Highwinds. Its current focus is on North America and Europe, and StackPath has a high density of PoP in both continents with multiple tier-1 carriers; it is beginning to grow PoP elsewhere, including three sites in Asia, one in South America (Sao Paolo) and another in Sydney. Additional features include built-in DNS, quality of service (QoS) control mechanisms, a free shared SSL (or the option to use your own SSL certificate) plus anti-DDoS mitigation and WAF services.

Verizon

Verizon (formerly Edgecast Networks) is a self-provisioning CDN favored by the telecom and hosting industries. Verizon Digital Media Services acquired Edgecast in 2013 and the company still uses Edgecast CDN as its name. The Edgecast CDN offers a range of features and capabilities, including static caching and dynamic content acceleration, security features (including WAF, DDoS protection, bot mitigation and DNS resolutions), global scalability, a self-service real-time analytics portal, APIs and rules engine, and optimized delivery for video streaming and mobile devices.

How Ready for DevOps is the CDN Market?

According to DORA & Puppet’s 2017 State of DevOps Report, enterprises that employ DevOps practices deploy code up to 30 times more frequently than their counterparts and 50% fewer of their deployments fail. Engineers following DevOps principles are expected to take both a holistic view of operations and engage in the day-to-day operation of software in order to understand how the software being deployed by an IT team is functioning across a diverse set of operating systems and platforms, and make small and large-scale system changes when required.

As DevOps focused teams are at least partly responsible for the overall performance of the organization they work for, it is increasingly important for these engineers to have choices and flexibility over what kinds of systems and services are deployed company-wide; and even more important for all engineers to have control and transparency when it comes to the systems chosen.

The rise in DevOps is partly linked to the rise in computing companies that are offering modular and containerized services, in which stacks are disaggregated, allowing services to be developed and released independently of one another. DevOps practices are often found within companies finding room for more loosely coupled teams - the aim being to empower teams and team members to make their own choices within the larger framework of the company.

As developers exert more control and influence over IT provisioning and operations, CDNs are under increasing amounts of pressure to expose their services in a similar way to other cloud services, giving DevOps greater autonomy. Customer demand for continuous delivery is also fundamentally changing what companies expect from their IT providers.
Certainly from a CDN perspective, DevOps centric engineering teams need more control, transparency and visibility than traditional legacy CDNs can offer. Some of the major CDNs like Akamai, Cloudflare and Fastly are starting to pay attention to the DevOps movement and are attempting to alter their services accordingly to make them more attractive to DevOps teams.

Fastly, for instance, has increased the DevOps friendliness of its CDN by bringing an increased level of programmability to CDN software by using Varnish Cache and leveraging the benefits of Varnish Configuration Language. Fastly has also improved the speed of deploy of configuration changes so that engineering teams do not have to wait so long for configuration changes to propagate, or suffer from mixed configuration states while in transition.

Meanwhile, Akamai is seeking to simplify the alteration of applications in production and expanding the number of APIs that it exposes via toolsets for a host of different frameworks, including Varnish, Terraform and WordPress. The aim is to grow the level of scripting and automation currently offered by Akamai’s CDN.

However, even Akamai still lags well behind the DevOps movement in terms of the flexibility, control and transparency that modern DevOps centric engineering teams truly require to do their best work.

When it comes to an Edge PAAS, DevOps centric engineering teams should have:

Configuration as code

Instant global configuration change propagation and cache clear

Real time diagnostics and insights

Complete integration with a normal application development workflow

Choice of software to deploy and upgrade path control

section.io and Our Unique Place in the CDN Market

section.io is the only provider in the market to offer a modular Edge PAAS, which is built from the ground up to align with modern DevOps practices. section.io was founded with the goal of creating a DevOps-centric platform, giving engineers control and flexibility over their Edge PAAS.

By leveraging container technology (Docker and Kubernetes at the core) architecturally, section.io is fundamentally different to all other CDN and Application Delivery Controller solutions in the market. section.io is the only provider that can deliver against each of the DevOps system requirements:

See your enriched logs and metrics in real time in the section.io portal. Query the logs in the section.io portal itself for deep, immediate insights.

Complete integration with normal application development workflow

Run section.io in every development environment by cloning a git branch (Dev PoP). Work in feature branches, change and test in dev, test and staging before merging the branch back into production.

Experiment, test and make mistakes in Dev - not in production.

Choice of software to deploy and upgrade path control

The opportunity to choose between three different WAF modules (the rules-based WAF ModSecurity vs. the AI-driven Threat X and Signal Sciences) gives DevOps engineers an unparalleled level of flexibility to choose the right WAF for their enterprise needs; and couple it with their choice of other security offerings. Unlike the other CDNs, section.io doesn’t require you to just choose one stack, but instead allows you to pick and choose the modules that make sense for your business needs.

Further modules available on section.io include Image Optimization modules, server-side multivariate testing, Google’s pageSpeed, OpenResty and Varnish Cache. New modules are regularly added. All modules have consistent configuration-as-code and diagnostics capabilities.

Another important part of section.io’s flexible approach is the fact that customers can pick where section.io runs. Our container-based approach to HTTP traffic delivery means that our HTTP traffic control modules can be run in a distributed fashion either as a CDN, and/or behind the firewall as an Application Delivery Controller.

The transparency and flexibility that section.io is able to provide its customer base is leading to a growing popularity, particularly among global e-commerce stores (Adore Beauty, Esprit, Merrell among them) and large media companies like Universal Music Group.

When the Foundry Group recently announced its leading role in section.io’s $5.5M Series A funding round, the VC firm commented on section.io’s unparalleled levels of flexibility. Foundry Group wrote, “Section.io fits into our Glue and Protocol themes as their PaaS connects compute infrastructure from multiple service providers for improved HTTP traffic delivery from a true federation of compute providers”; adding, “Stewart and Daniel recognized CDNs were not able to adapt to quickly enough to keep pace with modern software development practices”.